PROFESSIONAL SUMMARY:

• I am an accomplished and talented IT professional with a long history of success in the Information Technology industry.
• My experience for the last decade has been in the Information Security realm with a strong focus on various Identity and Access Management technologies.
• I have had the opportunity to experience growth in many career aspects.
• Thus, I am well rounded with experience in technical architecture, management, leadership, project management, business analysis, business process mapping, technical administration and operations.
• This varied experience gives me a unique advantage to relate to customers and peers on varying levels of knowledge and exposure.

SKILLS & ABILITIES:

• Lead multiple project delivery teams across various clients.
• Ensure client satisfaction is high and address any performance or contact issues in a timely and efficient manner.
• Work closely with key vendor contacts to create partnerships that ensure both vendor and company success. These include such vendors as NetSkope, Cytegic and Micro Focus.
• Created a service team with subject matter experts who were cross trained and provided back up support across varying technologies. This team model was adopted as a team standard across other IT groups with similar technology breadth.
• Adhered to budget and resource constraint requirements while delivering on service level agreements, system uptimes and project deliverables.
• Presented, sold and implemented process and system improvement ideas, such as streamlined user provisioning, to senior leadership, peers and user community that ensured the enterprise met forecast, security and compliance requirements while maintaining an exceptional user experience.
• Teamed with vendors to negotiate contracts, licensing renewals, product life cycle planning, enhancement requests, and consultant services. Provided direction, service level reviews, and vendor feedback sessions on a quarterly basis.
• Crafted information security policies and procedures, security exception documents and process flow maps, design documents, product run books, project risk statements, project plans, quality control, change control and security exception
• Increased user and peer awareness by presenting security risks and product abilities in various formats including presentations, training videos, web site content, and help and error pages.
• Recognized by leadership for project communication status. Created a template for project status updates that was adapted and used universally for large IT projects.
• Maintained open communication with end users, vendors and peers accepting verbal, written and survey feedback and utilizing topic themes for process and communication improvement opportunities.
• Facilitate communication between off shore development, onsite technical teams and customer to ensure that all teams are working towards common goals and have the same understanding of initiatives and focus.
• Lead a team of six global associates to deliver Identity and Access services to a mid - sized global enterprise. Coordinated meetings, provided team reviews, represented the team to leadership and cross domain project teams and ensured every team member was working toward the same team mission and vision.
• Provided mentorship to colleagues inside and outside of the team in a sponsor capacity. Assisted sponsees with personal development plans, advocate feedback, personal improvement plans, and transition planning and conflict resolution advice.
• Coordinated requirements and design discussions between customers and design and development teams. Reviewed future state requirements with project scope and negotiated deliverables to meet both.
• Represent team and sponsees in contribution committee review board. Highlighted key areas of success for the year and opportunities for improvement. Reviewed and discussed future development opportunities with committee and worked with team to follow through on identified opportunities.
• Collaborated closely with security and compliance core teams to create user IT policies, create disaster recovery plans, develop security vision and roadmap, evaluate and implement new security tools and perform security assessments.
• Kept abreast of industry standards, networked with fellow professionals by attending summits, conferences, and web based training seminars. Contacted vendors that had potential products to meet business needs and evaluated the products based on the need.
• Coordinated proof of concept projects to prove vendor fit for business needs.
• Ensured that security policies and operations adhered to government and industry regulations such as: HIPAA, PCI, PII, and NIST. Adjusted and suggested improvements where policy did not follow regulations.
• Reviewed and analyzed security applications with an eye to ensure that the company was using the most relevant technology for the need provided. Evaluated technology based on business and compliance needs and recommended products to meet those needs.
• Provided implementation, development and administration for various security and IT technologies.
• Evaluated effectiveness of security services. Evaluated, recommended and implemented adjustments and new technology to fill gaps identified in evaluation.
• Represented security as a subject matter architect within the Enterprise Architecture team to ensure that all enterprise architecture decisions and recommendations met security standards and best practices. If exceptions were needed, collaborated with business, architects and peers to minimize risk, document exceptions and set up annual review of granted exceptions.
• Designed and recommended new product replacement technology and logic based off current state functionality, future state needs and product capability.
• Led design discussions, user storyboarding work, current state analysis meetings, and customer review meetings. Facilitated discussions between customer, off shore development and onsite technical team to ensure that all requirements were being met, while accomplishing project timelines and deliverables.
• Responsible for leadership, architecture design and technical oversight of a 75,000-user Symantec VIP Multi factor Authentication implementation project for an international media client. Led a cross functional, cross support/vendor team to a successful completion of the project on time and on budget.
• Review and document IAM business processes for large airline industry client. Recommend automation or process improvements after conferring with clients technical and business stakeholders.
• Facilitated business process improvement workshops for user provisioning, customer provisioning, birthright roles, and privileged access management processes between business, HR, legal and technical team. Ensured that recommendations for improvement were carried out in a timely and efficient manner.
• Evaluated existing automated business process workflows by interviewing business and technical stakeholders and walking through user experience. Facilitated discussions between stakeholders to design new workflows and forms.
• Evaluated access governance process and facilitated business process improvement mapping session to reduce unnecessary reviews and identify opportunities for automation.

TECHNOLOGIES:

• NetIQ Identity Manager NetIQ Access Manager NetIQ Sentinel
• NetSkope SecureAuth Cytegic
• Symantec VIP Manager CyberArk OneLogin
• Citrix NetScaler Aveska MyAccess F5 Load Balancer
• Microsoft Active Directory Novell eDirectory Sun Directory Server
• Microsoft Windows SUSE Linux Enterprise Server Microsoft Visio
• ServiceNow IBM Identity Governance IBM ITIM
• Microsoft Project Microsoft Office 365 Oracle Databases
• Ping Federate RSA SecureID
• JBOSS SQL Queries XML Scripting
• LDAP Protocols Roles Based Access Controls Attribute Based Access Controls
• Kerberos

EXPERIENCE:

IAM Subject Matter EXPERT

Confidential

Responsibilities:

• Lead a project team to run a pilot program to convert privileged access management solution from CyberArk Enterprise Password Vault to Centrify PAM PowerBroker module at a 150,000 user - global banking firm. Pilot program work consists of setting pilot criteria, identifying potential candidate applications, conducting candidate reviews, identifying use cases and facilitating the move to the new authentication method. Assist with removing out dated authentication methods from the application after full life cycle move from DEV to PRODUCTION environments and full validation testing,
• Lead a project team to run a pilot program to convert privileged access management solution from CyberArk AIM to Kerberos authentication methodology at a 150,000 user-global banking firm. Pilot program work consists of setting pilot criteria, identifying potential candidate applications, Assisted with questions on database kerberization; keytab management best practices; credential security; and environment preparation.
• Provide risk analysis in access recertification process to evaluate and remediate privileged access accounts according to firm standards. Work with business users, technology control officers, application owners, system administrators and database administrators to ensure access is secure while allowing business to operate uninterrupted.

Security practice MANAGER

Confidential

Responsibilities:

• Responsible for leadership and governance of multiple project delivery teams across various clients. Varied project focus including Identity and Access Management, Framework Delivery, Application Security, SIEM deployment, Cloud Security and Risk and Compliance Management
• Provide companywide security program direction to help develop key service offerings, program initiatives and vision. Selected and coordinated with vendors to create partnerships in areas of IAM (Micro Focus/NetIQ/CyberArk), Risk and Compliance Management (Cytegic), Cloud Security (NetSkope/Symantec); and MSSP management (AlertLogic).
• Responsible for IAM and Application Security tower leadership for a 65,000-user MSSP engagement at a major US airline. Led, developed and administered IAM technologies such as SecureAuth for MFA, OAuth and SSO integration, eDirectory and Active Directory for authentication and system directories, Aveska for workflow management, NetIQ IDM for provisioning, NetIQ Self Service Password Reset for password management, Venafi for certificate management; and an internally developed application for Unix authentication. Interface with the client and other vendors to identify continuous improvement opportunities and ensure recommendations are implemented to vendor and industry standards.
• Responsible for leadership, architecture design and technical oversight of a 75,000-user Symantec VIP Multi factor Authentication implementation project for an international media client. Led a cross functional, cross support/vendor team to a successful completion of the project on time and on budget.
• Responsible for data analysis of roles in a role-based access control project utilizing role mining technologies for a 30,000-user waste management company. Utilized role mining reports, business reports and interview data to presented candidate business roles to the customer for SOX compliant applications. By implemented access governance best practice rules; reduced access re-certification burden by only requiring re-certification for high impact and exception roles.
• Provided development and support for a complex 45 connector NetIQ IDM provisioning solution deployment.
• Reversed engineered drivers to document business process flows and recommend improvements in architecture and system process for large airline industry client. Recommend automation or process improvements after conferring with clients’ technical and business stakeholders.
• Conducted a workshop for a major US department organization on single sign on, SAML authentication technologies utilizing IBM Federated Identity Manager solution. Topics included providing federated authentication and authorization capabilities to both internal employees and key financial partners/clients. Reviewed potential use cases, potential architecture options and limitations and benefits of each option.
• Architected and implemented an RSA SecureID MFA solution for a 1,500-user US based financial institution. Integrated the solution with cloud Azure directory for authentication, provided architectural recommendation for high availability and fail over for both the product solution servers, as well as the authentication directory and network routes. Integrated the solution with QRadar for SIEM alert logging to detect authentication intrusion attempts.
• Provided PingFederate maintenance and deployment support for a 30,000-user medical insurance provider. Worked with vendor partners to manage metadata certificate renewals; deploy and test new attribute mapping requirements and deploy new federated solutions.
• Led a cross functional team to develop a tool that evaluated and reported on unmanaged privileged access in a 50,000-user global insurance firm. The tool utilized data from systems of record including CyberArk, Active Directory and SailPoint IIQ to report on unmanaged orphan privileged rated accounts as well as managed accounts not yet managed to defined privileged access standards.

LEad consultant - IDM architect

Confidential

Responsibilities:

• Performed security architecture support for a 65,000-user global manufacturing company.
• Led design discussions, user storyboarding work, current state analysis meetings, and customer review meetings. Facilitated discussions between customer, off shore development and onsite technical team to ensure that all requirements were being met, while accomplishing project timelines and deliverables.
• Led discussions on new support models and access controls that would allow off shore support models to support access management tools for a federally regulated on shore industry client.
• Identified risks to project deliverables and timelines and collaborated closely with teams to reduce or eliminate the risk. If risk could not be reduced, proposed alternative options to complete the work or negotiate change order requirements.
• Architected a solution that would combine existing ease of use functionality with new features and security measures.
• Created detailed design documentation including pseudo logic requirements that were then utilized by the development team to complete development. Worked closely with development team and customer to ensure the product developed met needs, user experience requirements and was scalable and flexible for future design changes.
• Evaluated existing automated business process workflows by interviewing business and technical stakeholders and walking through user experience. Facilitated discussions between stakeholders to design new workflows and forms.
• Evaluated access governance process and facilitated business process improvement mapping session to reduce unnecessary reviews and identify opportunities for automation.

IAM Program manager

Confidential

Responsibilities:

• Accountable for the successful delivery of identity and access services (IAS) to a 20,000-user global manufacturing enterprise. Responsible for team leadership, program service offerings, vendor management, business systems analysis and service architecture.
• Facilitated business process improvement workshops for user provisioning, customer provisioning, birthright roles, and privileged access management processes between business, HR, legal and technical team. Ensured that recommendations for improvement were carried out in a timely and efficient manner.
• Championed projects related to Identity and Access Services ensuring that the right resources were used effectively and that projects met business requirements, user needs, and project timelines and budgets. Facilitated discussions if any of the above needs were not being met and ensured that alternative options or expectations were explored and agreed upon.
• Represented security as a subject matter architect within the Enterprise Architecture team to ensure that all enterprise architecture decisions and recommendations met security standards and best practices. If exceptions were needed, collaborated with business, architects and peers to minimize risk, document exceptions and set up annual review of granted exceptions.
• Collaborated closely with security and compliance core teams to create user IT policies, create disaster recovery plans, develop security vision and roadmap, evaluate and implement new security tools and perform security assessments.
• Ensured that security policies and operations adhered to government and industry regulations such as: HIPAA, PCI, PII, and NIST. Adjusted and suggested improvements where policy did not follow regulations.
• Represented the Identity and Access team and program needs to senior business and IT leadership. Ensured that team resource needs were identified and filled as needed. Presented user feedback, opportunities for improvement, new product projects and feature enhancements on an annual basis to senior leadership.
• Continually maintained updated information on the status of approved projects and enhancements. As such the identity program was mentioned as a key highlight and positive security initiative during a security assessment performed by an outside firm.
• Coordinated with quality assurance team, security team, enterprise architecture team and end user services to ensure that the Identity Management service offerings met all compliance, industry regulation and security requirements, enterprise architecture standards and user needs and user experience requirements.
• Ensured that all program products met vendor licensing and contractual agreements, all consulting services provided met agreed upon statement of work efforts and maintained vendor life cycle requirements and support needs.

IAM application administrator

Confidential

Responsibilities:

• Reduced escalated service desk calls by thirty (30) % by implementing data quality checks, system health checks and monthly server maintenance.
• Implemented monthly release schedule to document and coordinate changes being implemented in the Identity Management system.
• This led to significant reduction in product downtime by being able to correlate recent changes to reported issues.
• Managed all projects related to new system integrations. This increased the systems connected and managed by the central Identity Management system from 4 core enterprise systems to over twenty (20) systems with connected drivers and several hundred via LDAP and Federated services.
• Designed and maintained a system outage notification system to keep end users informed of system issues and planned maintenance. This reduced the number of service desk calls dramatically during outages and maintenance.
• Reduced standard repeatable issues by forty (40) % by working closely with the service desk in evaluating known issues and identifying and implementing needed policy or process changes.

Client services engineer

Confidential

Responsibilities:

• Responsible for IT support in a small manufacturing facility.
• Support included computer hardware and OS, applications, servers, network wiring and equipment, manufacturing HMI equipment, printers, scanners and conferencing audio/visual equipment.
• Participated in enterprise projects to standardize and upgrade software, asset inventory, and hardware purchasing processes.
• Led a project to implement a particle monitoring system for a Class 100 clean room, including coordinating sensor placement with the vendor and business manufacturing leadership and setting up alerts and reports on high particle counts.

Client services engineer

Confidential

Responsibilities:

• Assigned directly to various clients as on-site client services engineer. These clients included Merrill Lynch Investment Managers and Boeing. Acted as back up for service coordinator and team lead ensuring that client needs were addressed and team assignments were allocated appropriately.
• Met customer satisfaction metric goals of 95% satisfaction.
• Met and exceeded performance metric goals of 95% ticket closure within 3 business days.